Marcus Hutchins, AKA
Malwaretech Charged for Kronos Banking Trojan
August 03, 2017
On July 11, 2017, following a two-year long investigation, a
federal grand jury returned a six-count indictment against
Marcus Hutchins, also known as “Malwaretech,” for his role in
creating and distributing the Kronos banking Trojan. Hutchins, a
citizen and resident of the United Kingdom, was arrested in the
United States on August 2, 2017, in Las Vegas, Nevada.
In the indictment, Hutchins was charged with one count of
conspiracy to commit computer fraud and abuse, three counts of
distributing and advertising an electronic communication
interception device, one count of endeavoring to intercept
electronic communications, and one count of attempting to access
a computer without authorization. The alleged conduct for which
Hutchins was arrested occurred between in or around July 2014
and July 2015.
Publically available information for the Kronos banking Trojan
indicates that it was first made available through certain
internet forums in early 2014, and marketed and distributed
through AlphaBay, a hidden service on the Tor network. On July
20, 2017, the Department of Justice announced that the Alphabay
marketplace was shuttered through an international law
enforcement effort led by the United States.
According to the indictment, the Kronos banking Trojan was
designed to harvest and transfer the username and password
associated with banking websites as they are entered on an
infected computer to a control panel hosted on another computer
inaccessible to the victim. According to publically available
information, since it was created, Kronos has been configured to
exfiltrate user credentials associated with banking systems
located in Canada, Germany, Poland, France, and the United
Kingdom, among others countries.
presents an ongoing threat to privacy and security, as the
Kelihos botnet was observed loading Kronos on computers through
email phishing campaign in late 2016. On April 10, 2017, the
Department of Justice announced its efforts to dismantle the
“Cybercrime remains a top priority for the FBI,” said Special
Agent in Charge (SAC) Justin Tolomeo. “Cybercriminals cost our
economy billions in loses each year. The FBI will continue to
work with our partners, both domestic and international, to
bring offenders to justice.”
This case was investigated by the Federal Bureau of
Investigation Cyber Crime Task in Milwaukee. The case is being
prosecuted by Assistant United States Attorneys Michael J.
Chmelar and Benjamin W. Proctor.
The public is reminded that an indictment contains only charges
and is not evidence of guilt. The defendant is presumed innocent
and is entitled to a fair trial at which the government has the
burden of proving guilt beyond a reasonable doubt.